CS2406 Lab Manual NRCFOSS/AU-KBC Centre, Anna University Chennai

9 : Setting Up of Complete Network Interface

Aim:
To set up Network Interface using 'ifconfig' command and the related system files.

Introduction:
A Network interface is the point of interconnection between a computer and a private or public network. A network interface is generally a network interface card (NIC). Ethernet is a family of computer networking technologies for local area networks (LANs) commercially introduced in 1980. Standardized in IEEE 802.3, Ethernet has largely replaced competing wired LAN technologies. Gateway is a node that allows you to gain entrance into a network and vice versa. On the Internet the node which is the stopping point can be a gateway or a host node. A computer that controls the traffic your network or your ISP (Internet Service Provider) receives is a node. DNS (Domain name server), the system that automatically translates Internet addresses to the numeric machine addresses that computers use Iptables is a user space application program provided by the Linux kernel firewall (implemented as different Netfilter modules) ,that allows us to configure the tables and the chains and rules it stores. Iptables requires elevated privileges to operate and must be executed by user root, otherwise it fails to function. On most Linux systems, iptables is installed as /usr/sbin/iptables and documented in its man page, which can be opened using man iptables when installed.

Prerequisites :
To enable networking, you must configure your network interface card or cards with an IP address and netmask. The kernel must have support for your cards compiled in, either as modular support or direct support. To set your cards up, do the following. Assume your network as 192.168.2.0, IP=192.168.x.y, broadcast=192.168.x.y, netmask=255.255.255.0, gateway192.168.x.y, nameserver=192.168.x.y Note:- Please replace 'x' & 'y' with the relevant numbers from your network.

CS2406 Lab Manual NRCFOSS/AU-KBC Centre, Anna University Chennai

Procedure : Step 1 : Learn about your network & tools required

a) Basic Information
1. Determine your machines IP address from your network administrator 2. Your network mask. This determines which portion of the IP address specifies the subnetwork number and which portion specifies the host. Class C (most networks) 255.255.255.0 3. Your network address which is your IP address bit wise anded with the network mask. 4. Your broadcast address. Used to broadcast packets to every machine on your subnet. 5. Your gateway address. The address of the machine that is your gateway to the outside world. In many cases: Ex: IP: 192.168.2.100 Gateway: 192.168.2.201 6. Your nameserver address. Translates host names into IP addresses. 192.168.2.205

b) Configuration tools
There are many network configuration tools today. They are: netconf A GUI interactive interface linuxconf A GUI interactive interface which includes netconf configuration. netconfig A GUI step by step interface A text based program to configure the network interface. Type "man ifconfig ifconfig" for info. These programs will modify values in the following files: /etc/sysconfig/network - Defines your network and some of its characteristics. /etc/HOSTNAME - Shows the host name of this host. IF your name is "myhost" then that is exactly the text this file will contain. /etc/resolv.conf - Specifies the domain to be searched for host names to connect to, the nameserver address, and the search order for the nameservers. /etc/hosts - Shows addresses and names of local hosts. /etc/networks - Provides a database of network names with network addresses similar to the /etc/hosts file. This file is not required for operation. /etc/sysconfig/network-scripts/ifcfg-eth* - There is a file for each network interface. This file contains the IP address of the interface and many other setup variables.

c) Analysis Tools

netstat - Displays information about the systems network connections, including port connections, routing tables, and more. The command "netstar -r" will display the routing table. traceroute - This command can be used to determine the network route from your computer to some other computer on your network or the

CS2406 Lab Manual NRCFOSS/AU-KBC Centre, Anna University Chennai internet. To use it you can type "route IPaddress" of the computer you want to see the route to. nslookup - Used to query DNS servers for information about hosts. arp - This program lets the user read or modify their arp cache. tcpdump - This program allows the user to see TCP traffic on their network. dig(1) - Send domain name query packets to name servers for debugging or testing. Try the above tools.

Step 2 : Configuring the Network

You can use one of the above tools or configure the network the old fashioned way as follows: 1. First to use networking on any permanent basis you should setup the file /etc/sysconfig/network similar to the example shown below. 2. Assign an ip address with "ifconfig eth0 192.168.x.y netmask 255.255.255.0 up". 3. Tell your machine that a hub is ready for information with the command "route add -net 192.168.0.0 netmask 255.255.255.0 eth0" 4. To contact hosts outside your network if a machine with IP address 192.168.x.y is the gateway use the command "route add default gw 192.168.x.y eth0" 5. If using a dialup connection use the command "route add default ppp0" The word default says if the packet is not for a machine on your local network, send it to the default device. These settings are not permanent, but go away the next time you boot. They are normally set up in the directory /etc/sysconfig/network-scripts. Add the network interface to the file /etc/sysconfig/network-scripts/ifcfg-eth*. For example the file ifcfgeth0 if for the first ethernet interface, ifcfg-eth1 for the second, and so on. The lines given below are from ifcfg-eth0: (Assuming 192.168.2.100 as your machine IP)
DEVICE="eth0" IPADDR="192.168.2.100" NETMASK="255.255.0.0" ONBOOT="yes" BOOTPROTO="none"

Unless you know what you're doing it is best to use a network configuration tool.

Step 3 : Configuring an interface for multiple IP addresses

If you want to configure your network card to act as more than one IP address, issue the following command: ifconfig dummy 192.168.1.102 netmask 255.255.255.0 This uses the dummy system interface capability supported in the kernel to setup another virtual interface which operates at IP address 192.168.1.102. Substitute the IP address that you want your virtual interface to be with an appropriate netmask for your network. To disable this, issue the following command. ifconfig dummy down

CS2406 Lab Manual NRCFOSS/AU-KBC Centre, Anna University Chennai Another way to use multiple IP addresses on one ethernet card is to set up a new file in your /etc/sysconfig/network-scripts directory. Copy your ifcfg-eth0 role to ifcfg-eth0:0. Edit that file and rename the device to "eth0:0" and the IP address to the desired IP address. You may also want to modify BROADCAST, NETWORK, or NETMASK. You can continue adding IP addresses by using :1, :2, etc such as ifcfg-eth0:2. Sample of ifcfg-eth0:1 for the IP : 192.168.2.101
DEVICE="eth0:1" IPADDR="192.168.2.101" NETMASK="255.255.0.0" ONBOOT="yes"

BOOTPROTO="none" To make it effective, you must reboot your system or issue the command "/etc/rc.d/init.d/network restart" as root.

Step 4: Gaining familiarity with Networking files and configuring for DNS

/etc/sysconfig/network The /etc/inittab file contains the entry "si::sysinit:/etc/rc.d/rc.sysinit" which causes the system at startup to run the rc.sysinit script. The rc.sysinit file expects to find file /etc/sysconfig/network if networking is to be enabled.

the

The network file looks like this: Make the changes as per the highlighted lines.
NETWORKING=yes FORWARD_IPV4=false HOSTNAME=yourname.collegename.com DOMAINNAME=collegename.com GATEWAY=192.168.x.y GATEWAYDEV=eth0

Where GATEWAYDEV is the network interface card that is attached to the network the gateway machine is on. The GATEWAY is the actual IP address of the gateway machine.(Assuming 192.168.2.100 as your machine IP)

/etc/hosts - Defines local hosts.

localhost localhost.localdomain yourname.collegename.com yourname

127.0.0.1 192.168.1.100

/etc/named.conf - Used for domain name service to configure named. Other files used are dependent on this file. This file is explained further in the DNS section

/etc/resolv.conf - Specifies the domain to be searched for host names to connect to, the nameserver address, and the search order for the nameservers.

domain collegename.com search collegename.com mynet.net nameserver 192.168.1.100 nameserver 192.168.199.1 nameserver 192.168.1.10

CS2406 Lab Manual NRCFOSS/AU-KBC Centre, Anna University Chennai The third line specifies that DNS should be tried on your machine first then use the normal nameserver on the fifth line. The fourth line specifies that my machine is running nameservices on another network which is using interface 192.168.199.1. This assumes the nameserver is set up on your machine.
You can add additional nameservers like google DNS nameserver 8.8.8.8 nameserver 8.8.4.4

Step 5: Routing Setting up of Gateway

Routing table information is used to route incoming and outgoing network diagrams to other machines. On most simple configurations, there are three routes. One for sending packets to your own machine, one for sending packets to other machines on your network and one for sending packets to other machines outside your network through the gateway. Two programs (ifconfig and route) are used to configure these parameters. They are described in more detail in the routing section. Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its' destination is for the local or remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file:

DEVICE=eth0 BOOTPROTO=static IPADDR=192.168.x.y NETMASK=255.255.255.0 GATEWAY=XXX.XXX.XXX.XXX HOSTNAME=node-name.name-of-domain.com DOMAIN=name-of-domain.com

/etc/sysconfig/network-scripts/route-eth0

route add -net XXX.XXX.XXX.0 XXX.XXX.XXX.XXX dev eth0

Define route with with the 'route' command: Examples: route add default gw XXX.XXX.XXX.XXX dev eth0

netmask 255.255.255.0 gw

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator. Note :- If a mistake is made just repeat the route command substituting "del" in place of "add".

CS2406 Lab Manual NRCFOSS/AU-KBC Centre, Anna University Chennai

Step 6: Managing iptables

Try the following .. as root user... a) You can start, stop, and restart iptables after booting by using the commands: # service iptables start # service iptables stop # service iptables restart b)To get iptables configured to start at boot, use the chkconfig command:. # chkconfig iptables on c)You can determine whether iptables is running or not via the service iptables status command. Fedora Core will give a simple status message. For example # service iptables status Firewall is stopped. References : 1.http://www.yolinux.com/TUTORIALS/LinuxTutorialNetworking.html 2.http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch03_:_Lin ux_Networking 3.http://whatismyipaddress.com/gateway 4.http://en.wikipedia.org/wiki/Ethernet